A .github/ISSUE_TEMPLATE/1.web_bug_report.yml => .github/ISSUE_TEMPLATE/1.web_bug_report.yml +76 -0
@@ 0,0 1,76 @@
+name: Bug Report (Web Interface)
+description: If you are using Mastodon's web interface and something is not working as expected
+labels: [bug, 'status/to triage', 'area/web interface']
+body:
+ - type: markdown
+ attributes:
+ value: |
+ Make sure that you are submitting a new bug that was not previously reported or already fixed.
+
+ Please use a concise and distinct title for the issue.
+ - type: textarea
+ attributes:
+ label: Steps to reproduce the problem
+ description: What were you trying to do?
+ value: |
+ 1.
+ 2.
+ 3.
+ ...
+ validations:
+ required: true
+ - type: input
+ attributes:
+ label: Expected behaviour
+ description: What should have happened?
+ validations:
+ required: true
+ - type: input
+ attributes:
+ label: Actual behaviour
+ description: What happened?
+ validations:
+ required: true
+ - type: textarea
+ attributes:
+ label: Detailed description
+ validations:
+ required: false
+ - type: input
+ attributes:
+ label: Mastodon instance
+ description: The address of the Mastodon instance where you experienced the issue
+ placeholder: mastodon.social
+ validations:
+ required: true
+ - type: input
+ attributes:
+ label: Mastodon version
+ description: |
+ This is displayed at the bottom of the About page, eg. `v4.1.2+nightly-20230627`
+ placeholder: v4.1.2
+ validations:
+ required: true
+ - type: input
+ attributes:
+ label: Browser name and version
+ description: |
+ What browser are you using when getting this bug? Please specify the version as well.
+ placeholder: Firefox 105.0.3
+ validations:
+ required: true
+ - type: input
+ attributes:
+ label: Operating system
+ description: |
+ What OS are you running? Please specify the version as well.
+ placeholder: macOS 13.4.1
+ validations:
+ required: true
+ - type: textarea
+ attributes:
+ label: Technical details
+ description: |
+ Any additional technical details you may have. This can include the full error log, inspector's output…
+ validations:
+ required: false
R .github/ISSUE_TEMPLATE/1.bug_report.yml => .github/ISSUE_TEMPLATE/2.server_bug_report.yml +26 -17
@@ 1,6 1,7 @@
-name: Bug Report
-description: If something isn't working as expected
-labels: [bug]
+name: Bug Report (server / API)
+description: |
+ If something is not working as expected, but is not from using the web interface.
+labels: [bug, 'status/to triage']
body:
- type: markdown
attributes:
@@ 36,21 37,29 @@ body:
label: Detailed description
validations:
required: false
+ - type: input
+ attributes:
+ label: Mastodon instance
+ description: The address of the Mastodon instance where you experienced the issue
+ placeholder: mastodon.social
+ validations:
+ required: false
+ - type: input
+ attributes:
+ label: Mastodon version
+ description: |
+ This is displayed at the bottom of the About page, eg. `v4.1.2+nightly-20230627`
+ placeholder: v4.1.2
+ validations:
+ required: false
- type: textarea
attributes:
- label: Specifications
+ label: Technical details
description: |
- What version or commit hash of Mastodon did you find this bug in?
-
- If a front-end issue, what browser and operating systems were you using?
- placeholder: |
- Mastodon 3.5.3 (or Edge)
- Ruby 2.7.6 (or v3.1.2)
- Node.js 16.18.0
-
- Google Chrome 106.0.5249.119
- Firefox 105.0.3
-
- etc...
+ Any additional technical details you may have, like logs or error traces
+ value: |
+ If this is happening on your own Mastodon server, please fill out those:
+ - Ruby version: (from `ruby --version`, eg. v3.1.2)
+ - Node.js version: (from `node --version`, eg. v18.16.0)
validations:
- required: true
+ required: false
R .github/ISSUE_TEMPLATE/2.feature_request.yml => .github/ISSUE_TEMPLATE/3.feature_request.yml +0 -0
M .rubocop_todo.yml => .rubocop_todo.yml +1 -0
@@ 291,6 291,7 @@ RSpec/LetSetup:
- 'spec/controllers/oauth/tokens_controller_spec.rb'
- 'spec/controllers/settings/imports_controller_spec.rb'
- 'spec/lib/activitypub/activity/delete_spec.rb'
+ - 'spec/lib/vacuum/applications_vacuum_spec.rb'
- 'spec/lib/vacuum/preview_cards_vacuum_spec.rb'
- 'spec/models/account_spec.rb'
- 'spec/models/account_statuses_cleanup_policy_spec.rb'
M app/lib/application_extension.rb => app/lib/application_extension.rb +2 -0
@@ 4,6 4,8 @@ module ApplicationExtension
extend ActiveSupport::Concern
included do
+ has_many :created_users, class_name: 'User', foreign_key: 'created_by_application_id', inverse_of: :created_by_application
+
validates :name, length: { maximum: 60 }
validates :website, url: true, length: { maximum: 2_000 }, if: :website?
validates :redirect_uri, length: { maximum: 2_000 }
A app/lib/vacuum/applications_vacuum.rb => app/lib/vacuum/applications_vacuum.rb +10 -0
@@ 0,0 1,10 @@
+# frozen_string_literal: true
+
+class Vacuum::ApplicationsVacuum
+ def perform
+ Doorkeeper::Application.where(owner_id: nil)
+ .where.missing(:created_users, :access_tokens, :access_grants)
+ .where(created_at: ...1.day.ago)
+ .in_batches.delete_all
+ end
+end
M app/models/application_record.rb => app/models/application_record.rb +1 -1
@@ 5,7 5,7 @@ class ApplicationRecord < ActiveRecord::Base
include Remotable
- connects_to database: { writing: :primary, reading: :read }
+ connects_to database: { writing: :primary, reading: ENV['DB_REPLICA_NAME'] || ENV['READ_DATABASE_URL'] ? :read : :primary }
class << self
def update_index(_type_name, *_args, &_block)
M app/views/layouts/application.html.haml => app/views/layouts/application.html.haml +2 -2
@@ 29,9 29,9 @@
= javascript_pack_tag "common", crossorigin: 'anonymous'
- if @theme
- if @theme[:supported_locales].include? I18n.locale.to_s
- = preload_pack_asset "locales/#{@theme[:flavour]}/#{I18n.locale}-json.js", crossorigin: 'anonymous'
+ = preload_pack_asset "locales/#{@theme[:flavour]}/#{I18n.locale}-json.js"
- elsif @theme[:supported_locales].include? 'en'
- = preload_pack_asset "locales/#{@theme[:flavour]}/en-json.js", crossorigin: 'anonymous'
+ = preload_pack_asset "locales/#{@theme[:flavour]}/en-json.js"
= csrf_meta_tags unless skip_csrf_meta_tags?
%meta{ name: 'style-nonce', content: request.content_security_policy_nonce }
M app/views/layouts/embedded.html.haml => app/views/layouts/embedded.html.haml +2 -2
@@ 15,9 15,9 @@
= javascript_pack_tag 'common', crossorigin: 'anonymous'
- if @theme
- if @theme[:supported_locales].include? I18n.locale.to_s
- = preload_pack_asset "locales/#{@theme[:flavour]}/#{I18n.locale}-json.js", crossorigin: 'anonymous'
+ = preload_pack_asset "locales/#{@theme[:flavour]}/#{I18n.locale}-json.js"
- elsif @theme[:supported_locales].include? 'en'
- = preload_pack_asset "locales/#{@theme[:flavour]}/en-json.js", crossorigin: 'anonymous'
+ = preload_pack_asset "locales/#{@theme[:flavour]}/en-json.js"
= render partial: 'layouts/theme', object: @core
= render partial: 'layouts/theme', object: @theme
M app/views/media/player.html.haml => app/views/media/player.html.haml +2 -2
@@ 3,9 3,9 @@
= javascript_pack_tag 'common', crossorigin: 'anonymous'
- if @theme
- if @theme[:supported_locales].include? I18n.locale.to_s
- = preload_pack_asset "locales/#{@theme[:flavour]}/#{I18n.locale}-json.js", crossorigin: 'anonymous'
+ = preload_pack_asset "locales/#{@theme[:flavour]}/#{I18n.locale}-json.js"
- elsif @theme[:supported_locales].include? 'en'
- = preload_pack_asset "locales/#{@theme[:flavour]}/en-json.js", crossorigin: 'anonymous'
+ = preload_pack_asset "locales/#{@theme[:flavour]}/en-json.js"
= render partial: 'layouts/theme', object: @core
= render partial: 'layouts/theme', object: @theme
M app/views/shared/_web_app.html.haml => app/views/shared/_web_app.html.haml +3 -3
@@ 1,8 1,8 @@
- content_for :header_tags do
- if user_signed_in?
- = preload_pack_asset 'features/compose.js', crossorigin: 'anonymous'
- = preload_pack_asset 'features/home_timeline.js', crossorigin: 'anonymous'
- = preload_pack_asset 'features/notifications.js', crossorigin: 'anonymous'
+ = preload_pack_asset 'features/compose.js'
+ = preload_pack_asset 'features/home_timeline.js'
+ = preload_pack_asset 'features/notifications.js'
%meta{ name: 'initialPath', content: request.path }
%meta{ name: 'applicationServerKey', content: Rails.configuration.x.vapid_public_key }
M app/workers/scheduler/vacuum_scheduler.rb => app/workers/scheduler/vacuum_scheduler.rb +5 -0
@@ 22,6 22,7 @@ class Scheduler::VacuumScheduler
preview_cards_vacuum,
backups_vacuum,
access_tokens_vacuum,
+ applications_vacuum,
feeds_vacuum,
imports_vacuum,
]
@@ 55,6 56,10 @@ class Scheduler::VacuumScheduler
Vacuum::ImportsVacuum.new
end
+ def applications_vacuum
+ Vacuum::ApplicationsVacuum.new
+ end
+
def content_retention_policy
ContentRetentionPolicy.current
end
M config/webpack/shared.js => config/webpack/shared.js +1 -0
@@ 60,6 60,7 @@ module.exports = {
chunkFilename: 'js/[name]-[chunkhash].chunk.js',
hotUpdateChunkFilename: 'js/[id]-[hash].hot-update.js',
hashFunction: 'sha256',
+ crossOriginLoading: 'anonymous',
path: output.path,
publicPath: output.publicPath,
},
M lib/webpacker/helper_extensions.rb => lib/webpacker/helper_extensions.rb +8 -1
@@ 13,7 13,14 @@ module Webpacker::HelperExtensions
def preload_pack_asset(name, **options)
src, integrity = current_webpacker_instance.manifest.lookup!(name, with_integrity: true)
- preload_link_tag(src, options.merge(integrity: integrity))
+
+ # This attribute will only work if the assets are on a different domain.
+ # And Webpack will (correctly) only add it in this case, so we need to conditionally set it here
+ # otherwise the preloaded request and the real request will have different crossorigin values
+ # and the preloaded file wont be loaded
+ crossorigin = 'anonymous' if Rails.configuration.action_controller.asset_host.present?
+
+ preload_link_tag(src, options.merge(integrity: integrity, crossorigin: crossorigin))
end
end
A spec/lib/vacuum/applications_vacuum_spec.rb => spec/lib/vacuum/applications_vacuum_spec.rb +48 -0
@@ 0,0 1,48 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe Vacuum::ApplicationsVacuum do
+ subject { described_class.new }
+
+ describe '#perform' do
+ let!(:app1) { Fabricate(:application, created_at: 1.month.ago) }
+ let!(:app2) { Fabricate(:application, created_at: 1.month.ago) }
+ let!(:app3) { Fabricate(:application, created_at: 1.month.ago) }
+ let!(:app4) { Fabricate(:application, created_at: 1.month.ago, owner: Fabricate(:user)) }
+ let!(:app5) { Fabricate(:application, created_at: 1.month.ago) }
+ let!(:app6) { Fabricate(:application, created_at: 1.hour.ago) }
+
+ let!(:active_access_token) { Fabricate(:access_token, application: app1) }
+ let!(:active_access_grant) { Fabricate(:access_grant, application: app2) }
+ let!(:user) { Fabricate(:user, created_by_application: app3) }
+
+ before do
+ subject.perform
+ end
+
+ it 'does not delete applications with valid access tokens' do
+ expect { app1.reload }.to_not raise_error
+ end
+
+ it 'does not delete applications with valid access grants' do
+ expect { app2.reload }.to_not raise_error
+ end
+
+ it 'does not delete applications that were used to create users' do
+ expect { app3.reload }.to_not raise_error
+ end
+
+ it 'does not delete owned applications' do
+ expect { app4.reload }.to_not raise_error
+ end
+
+ it 'does not delete applications registered less than a day ago' do
+ expect { app6.reload }.to_not raise_error
+ end
+
+ it 'deletes unused applications' do
+ expect { app5.reload }.to raise_error ActiveRecord::RecordNotFound
+ end
+ end
+end